Privacy Policy

Te Ara Ture Privacy Policy

INTRODUCTION

 

This Privacy Policy explains how Te Ara Ture collects, uses, stores, shares, discloses and otherwise handles personal information in accordance with the New Zealand Information Privacy Principles (“NZIPP”) which are contained in the Privacy Act 2020.  This Privacy Policy is governed under the laws of New Zealand.

 

For purposes of this Policy, “personal information” means information about an identifiable individual as defined under the Privacy Act 2020.

For all individuals who make an application to Te Ara Ture, this policy should be read in conjunction with the Information Sharing Disclosure Statement contained in the application form.  If you have any questions or feedback about this Policy or the way in which the Te Ara Ture handles personal information you can contact us using the details below.  You can also request a hard copy of this Policy using the details below.

 

Contacting Us:

 

Privacy Officer

Te Ara Ture

Mail: Level 2, 15 Dixon Street, PO Box 24005, Wellington 6142

Email: info@tearature.co.nz

Telephone: 4 460 4463

 

Key Principles:

 

When collecting personal information or data, people have legal rights that we must respect. This means that, among other things, when we are collecting and using people’s information we must ensure:

 

  1. They know we are collecting it, why we are collecting it, how we will use it, and where it gets disclosed.

  2. The data is flowing securely from them to us, access to it is controlled, and any disclosures are carefully considered.

 

Types of Personal Information We Collect:

 

The types of personal information that we collect about you will depend on the type of dealings you have with us. For example, if you:

 

  1. seek legal assistance, we may collect your name, contact details, details of your guardian (if applicable), financial details (if necessary to confirm your eligibility for our services), information about your circumstances, and information about the matter you are seeking assistance with, and information about the outcome of the matter.

  2. provide legal assistance to referred parties, we may collect your name, organisation and contact details, and information about the progression and outcome of the matter.

  3. become a supporter of Te Ara Ture, we may collect your name, organisation, contact details and confirm whether you are a student.

  4. register for a subscription to a Te Ara Ture publication, we may collect your name, organisation and contact details and details about the information you access in our publications.

  5. make a donation to Te Ara Ture, we may collect your name, organisation, contact details, the amount and frequency of your donation and payment details.

  6. attend a professional development or training program or attend another Te Ara Ture event, we may collect your name, organisation, contact details, payment details (if applicable) and any dietary and accessibility requirements.

  7. participate in our surveys, we may collect your name, organisation contact details and your survey responses.

  8. download a Te Ara Ture precedent from our website or use a web application, we may collect your name, organisation and contact details and details of the precedent you downloaded or web application that you used.

  9. send us an enquiry, we may collect your name, contact details, information about your circumstances and details of your query.

  10. make a complaint, we may collect your name, contact details, the details of your complaint, information collected in any investigation of the matter and details of the resolution of the complaint.

  11. apply for a role at Te Ara Ture, we may collect the information you include in your application, including your cover letter, resume, contact details and referee reports.

 

What if you don’t provide us with your personal information?

 

In some circumstances we allow individuals the option of not identifying themselves, or of using a pseudonym, when dealing with us (for example, when viewing our website or making general phone queries).

 

The nature of the business carried on by Te Ara Ture means that, generally, it is not possible for us to provide services to our clients or deal with witnesses or other individuals in an anonymous way.

 

How do we collect personal information?

 

We collect personal information by lawful means in a number of ways, including:

 

  • through our websites;

  • when you correspond with us (for example by letter, email or telephone);

  • on hard copy forms;

  • in person (for example, at job interviews and where we meet with a clients directly);

  • from referring to third parties such as Legal Aid;

  • at events and forums; and

  • from third parties such as Community Law Centres, Citizens Advice Bureau, Women’s Refuge or referrers who refer you to us for assistance with your express consent.

 

Why do we collect personal information?

 

The main purposes for which we collect, hold, use, share and disclose personal information are as follows:

 

  1. Providing pro bono legal services:

    1. assessing whether clients meet our eligibility criteria;

    2. determining whether clients have any special needs, such as an interpreter or disability assistance;

    3. endeavouring to arrange for the provision of legal and non-legal assistance (e.g. social work) to eligible clients;

    4. referring clients to lawyers where the lawyer has agreed to provide assistance; and

    5. operating an online tool (the Portal) that we use to make referrals.

  2. Advocacy:

    1. carrying out law reform and policy work;

    2. promoting Te Ara Ture and its activities, including through events and forums;

    3. conducting research and statistical analysis relevant to Te Ara Ture’s activities;

    4. preparing client stories for use in advocacy work and in publications (clients will not be individually identified without their express consent); and

    5. reporting about our activities and client outcomes.

  3. Education, information and outreach:

    1. providing legal information or resources;

    2. running professional development programs for lawyers;

    3. running community training programs about the law; and

    4. outreach activities, including community-based activities and online campaigns to promote our services.

  4. Fundraising:

    1. seeking funding and donations:

    2. organising fundraising events; and

    3. reporting to funding providers.

  5. General administration:

    1. recruiting staff, contractors and volunteers;

    2. answering queries and resolving complaints; and

    3. evaluating our work, planning services and reporting externally.

  6. Direct marketing:

    1. Direct marketing is the promotion of goods and services directly to you including through emails, SMS, phone calls and the post. We will only send you direct marketing materials if you would reasonably expect to receive them or you have expressly consented. If it is impractical to gain your consent, we will always provide a simple means for you to request not to receive the material (“opting out”). We will not use your personal information for the purposes of direct marketing unless you have given us prior consent. 

 

Opting out:

You can opt out of receiving marketing communications from us by:

 

  • advising us if you receive a marketing call that you no longer wish to receive these calls;

  • using the unsubscribe facility that we include in our commercial electronic messages (such as email and SMS) to opt out of receiving those messages, or

  • contacting us at the contact details outlined above.

 

Who do we disclose your personal information to?

 

The nature of the services provided by Te Ara Ture means that it is often necessary for us to disclose your personal information to other parties. We will ordinarily let you know who we will disclose your personal information to when we collect the information from you (unless there are practical reasons for not informing you) or when a referral agency collects the information for us.

 

Common third parties we might need to disclose your personal information to include:

 

  • the legal providers that give legal assistance to our clients;

  • agencies who refer you to us or make an application with us on your behalf;

  • other agencies or people (with your express consent);

  • our funding providers (although personal information will only be provided with express consent);

  • referees whose details are provided to us by job applicants;

  • our contracted service providers which include:

    • information technology service providers;

    • conference, function and training organisers;

    • marketing, communications and research agencies;

    • freight and courier services;

    • printers and distributors of direct marketing material; and

    • external business advisers (such as recruitment advisors, auditors and lawyers).

  • a court (for obtaining copies of documents relevant to your matter).

 

More information about the sharing of information for applicants and users of our service is available in the Information Sharing Disclosure Statement which forms part of the applications form.

 

In the case of contracted service providers, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.

 

Given the nature of our work, we sometimes have to disclose personal information without consent.  We are allowed to do this if we think, on reasonable grounds, that disclosure is necessary to prevent or lessen a serious threat to public health or public safety, or the life or health of the individual concerned or of another individual.

Safeguards when Onboarding Clients:

The nature of our service means we must share information about you with other people or agencies, including pro bono providers.  This means the usual standards of confidentiality will not be present with regards to providers of legal services you interact with.  It also means there is an increased risk of accidental disclosure, identification of you, or damage to your legal position. 

 

When onboarding an applicant Te Ara Ture takes the following steps to limit the risk and impact of information sharing:

 

  • We only share identity information after an expression of interests has been made by a pro bono provider.The purpose of this is to enable a conflict check to occur.

 

  • We only share substantive and detailed information about our legal matter once it is confirmed by the pro bono provider that no conflict of interest exists.This additional information is used by the pro bono provider to assess whether it is able to offer help or to complete the placement of your matter with them.

 

Cross border disclosures:

We may disclose personal information to our contracted information technology service providers which are cloud-based services and hosted off-shore.  These providers are deemed by the Privacy Act to be our agents and any information held by them is regarded to be held by us.

 

Storage and security of the information we hold:

 

We hold personal information in both hard copy and electronic formats.  Paper files are stored in secure cabinets onsite. They may also be archived in boxes and stored offsite in secure facilities. If you are a client, we will return any of your original documents that we have to you when your matter has been finalised.  Copies of your documents will remain on your file with us for no longer than necessary and will generally be kept for 7 years after the date that your file has been closed.

 

Information may be stored off-shore on third party servers.  The Privacy Act treats such third parties as agents.  Information held on third party servers is deemed to be held by us.

 

The security of your personal information is important to us and we use the recommended industry standards when storing and dealing with your personal information.

 

The steps we take to secure personal information against loss, access, use or unauthorized disclosure include:

 

  • website protection measures (such as encryption, firewalls and anti-virus software);

  • access restrictions to our computer systems (such as login and password protection);

  • restricted access to our office premises; and

  • staff training and implementation of workplace policies and procedures that cover access, storage and security of information.

 

Website security:

 

While Te Ara Ture strives to protect the personal information and privacy of users of our website, we cannot guarantee the security of any information that you disclose online and you therefore disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact Te Ara Ture by telephone or post (our details are provided under “Contacting Us”). You can also help to protect the privacy of your personal information by letting us know as soon as possible if you become aware of any security breach.

 

Third party websites:

 

Links to third party websites that are not operated or controlled by Te Ara Ture are provided for your convenience.  Te Ara Ture is not responsible for the privacy or security practices of those websites. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

 

Access and correction to personal information:

 

We will take reasonable steps to provide you with access to your personal information. We may however charge a fee to cover our reasonable costs of locating the information and providing it to you. We will take reasonable steps to correct your personal information if we are satisfied that it is inaccurate, out of date, incomplete, irrelevant or misleading. If we have provided your personal information to third parties, we will also notify them of the correction if you ask us to do so, unless it is impracticable or unlawful. Requests to access and correct your information should be made by email, post or phone using the details provided under the “Contacting Us” heading. Note that we will need to verify your identity before processing your request. We will endeavour to respond to your request within 30 days. If we do not agree with your request to access or correct your information, we will provide you with written reasons for our decision and available complaint mechanisms.

 

The Privacy Officer is responsible for ensuring we comply with your access and correction rights.

 

Notifiable privacy breaches:

 

We are required to notify the Office of the Privacy Commissioner and the affected individual(s) as soon as practicable after becoming aware of a privacy breach or give public notice if we are unable to notify the affected individual(s).

 

Complaints:

 

If you have a complaint about how Te Ara Ture has collected or handled your personal information, please contact our Privacy Officer using the details provided under the heading “Contacting Us.”

 

We will ask you to complete a Privacy Complaint Form, which provides us with the details we need from you to assess your complaint. We can assist you with completing the Form if required.

 

We will endeavour to respond to your complaint within 30 days of receipt of the Privacy Complaint Form (while complex cases may take longer to resolve, we will keep you updated on the progress of your complaint).

 

If you are unhappy with our response, you can refer your complaint to the Office of the Privacy Commissioner.